Wind River Support Network


LIN1021-5489 : Security Advisory - qemu - CVE-2023-1544

Created: Mar 21, 2023    Updated: Jul 3, 2023
Resolved Date: Jul 3, 2023
Found In Version:
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Userspace


A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a ring of descriptors for CQ and async events, potentially leading to an out-of-bounds read and crash of QEMU.
Live chat